LastPass SAML setup
Enable your LastPass users to access Trelica with Single-Sign-On (SSO).
Log in to LastPass and open the SSO and MFA menu option:
Navigate to Applications > Web App and click Add Application:
Under Select your app, choose Custom and in the App Name field enter Trelica.
Expand the Identity Provider step and click Metadata at the bottom right. This will download the IdP metadata file that tells Trelica how to configure itself for LastPass:
You now need to put the IdP metadata you downloaded from LastPass into Trelica.
Click New. The New SAML Identity Provider dialog is displayed.
In the Name field enter LastPass and ensure Metadata type is set to Metadata:
Open the IdP metadata that you downloaded from LastPass in a text editor (e.g. Notepad or Visual Studio Code), and cut
Ctrl + Xand paste
Ctrl + Vthe contents of the file into the Metadata field.
The next step needs the ACS URL and the Entity ID from Trelica. You can copy these to the clipboard by clicking on the small copy icon next to each.
Flip between the Trelica and LastPass browser tabs to copy and paste
Ctrl + Vthe URLs into LastPass.
Expand Advanced Setup to move to the next step.
Set Identifier to Email and ensure that the SAML signature method is set to SHA256.
Finally, expand the Custom Attributes step.
Ensure that Sign Assertion is selected and that Sign Response is not selected.
Now add three attributes as follows:
Click Save and assign to save the SAML configuration and assign some users to the application for testing.
Log in to LastPass as your test user and select the My Cloud Apps menu option.
You should see the Trelica logo. Click on it, and after a short pause you should be logged in to Trelica.